profile
viewpoint

Pull request review commenttheupdateframework/notary

CircleCI: run jobs in parallel

 jobs:           command: |             docker version             docker info+            docker-compose version       - run:           name: "Build image"           command: docker build --progress=plain -t notary_client .-      - run: ./buildscripts/circle_parallelism.sh-      - run: docker-compose -f docker-compose.yml down -v && docker-compose -f docker-compose.rethink.yml down -v+      - run:+          name: "ci"+          command: docker run --rm -e NOTARY_BUILDTAGS --env-file buildscripts/env.list --user notary notary_client bash -c "make ci && codecov"+      - run:+          name: "Teardown"+          command: docker-compose -f docker-compose.yml down -v && docker-compose -f docker-compose.rethink.yml down -v++  job_02:+    machine:+      image: ubuntu-1604:201903-01+    working_directory: ~/go/src/github.com/theupdateframework/notary+    environment:+      NOTARY_BUILDTAGS: none+      DOCKER_BUILDKIT: 1+    steps:+      - add_ssh_keys+      - checkout+      - run:+          name: "Docker Info"+          command: |+            docker version+            docker info+            docker-compose version+      - run:+          name: "Build image"+          command: docker build --progress=plain -t notary_client .+      - run:+          name: "ci"+          command: docker run --rm -e NOTARY_BUILDTAGS --env-file buildscripts/env.list --user notary notary_client bash -c "make ci && codecov"

NOTARY_BUILDTAGS=none?

EDIT: ah ,ok, you define it over there.

thaJeztah

comment created time in 4 days

push eventtheupdateframework/notary

Sebastiaan van Stijn

commit sha 219bf8fbc0f1b3588ca1f5b815a5c2c9c8e5d07a

Makefile: disable debug to make CI more readable Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

HuKeping

commit sha 92dde9576642c840ae5bc170413f0f7cfc29847c

Merge pull request #1510 from thaJeztah/disable_debug Makefile: disable debug to make CI more readable CodeCov failure unrelated with this commit.

view details

push time in 5 days

PR merged theupdateframework/notary

Makefile: disable debug to make CI more readable

CI was quite noisy, and probably could do without the -debug option (I think it can still be enabled by setting a DEBUG env-var if needed)

+1 -1

2 comments

1 changed file

thaJeztah

pr closed time in 5 days

pull request commenttheupdateframework/notary

Private keys and passwords present.

closing.

Please feel free to reopen it if there is any further work need to do.

the4rchangel

comment created time in 5 days

pull request commenttheupdateframework/notary

Makefile: disable debug to make CI more readable

merging.

thaJeztah

comment created time in 5 days

issue commenttheupdateframework/notary

Helm chart for Notary

@HuKeping It's not clear to me if you're saying that you don't think it makes sense to bring more contributors to the community, or if you're just not sure if that's the target.

Sorry for the misleading. I mean if the reason we bring in Helm chat is to bring more contributors to the community, that would not make much sense.

patoarvizu

comment created time in 15 days

issue commenttheupdateframework/notary

Helm chart for Notary

Furthermore, having the examples co-exist with the core code can (in my opinion) remove the cognitive wall of having two separate repos, and potentially encourage more community contributions.

I agree it may increase the activity of this project if we put these two together, but in the meantime I also think it doesn't make much sense if the target is to bring more contributor to this community.

On the other hand, I think part of the value of adding this here, is that it shows activity and signals interest in the project (in the context of this proposal).

I've noticed the proposal at CNCF TOC, I think they're just doing their job, supervise the projects under CNCF and to see if there's any thing that they could help.

patoarvizu

comment created time in 17 days

issue commenttheupdateframework/notary

Helm chart for Notary

Furthermore, having the examples co-exist with the core code can (in my opinion) remove the cognitive wall of having two separate repos, and potentially encourage more community contributions.

I agree it may increase the activity of this project if we put these two together, but in the meantime I also think it doesn't make much sense if the target is to bring more contributor to this community.

I've noticed the proposal at CNCF TOC, I think they're just doing their job, supervise the projects under CNCF and to see if there's any thing that they could help.

patoarvizu

comment created time in 17 days

pull request commenttheupdateframework/notary

Add helm chart

Let's have a discuss about bringing helm chart at #1502 and left the reviewing work here.

patoarvizu

comment created time in 20 days

issue commenttheupdateframework/notary

Helm chart for Notary

Do we really want introduce helm to this git repo(for notary source code).

Actually I don't like the docker-compose.yml to be here either, but since it could be a guide to show people how to deploy notary-server and notary-signer and is simple enough, so I haven't drop it.

I'm thinking if we should create another separated git repo to hold those templates-such as notary-template-helm, notary-template-docker-compose rather than tie it up with this git repo.

thoughts @theupdateframework/notary-maintainers ?

patoarvizu

comment created time in 20 days

Pull request review commenttheupdateframework/notary

Private keys and passwords present.

 import ( )  func getRSAKey() (data.PrivateKey, error) {-	raw := []byte(`-----BEGIN RSA PRIVATE KEY-----

it seems no risk here

the4rchangel

comment created time in 22 days

pull request commenttheupdateframework/notary

Add helm chart

Apologise @patoarvizu ! i've noticed this PR a few days ago, but haven't find a time slot getting to it since it's quite big for this project.

patoarvizu

comment created time in 23 days

push eventtheupdateframework/notary

Sebastiaan van Stijn

commit sha 5f9bd7689d050d9342586fa3418205007587561a

Fix gosec linter results not being printed Before this, `make lint` would fail, but the output of the linter would be discarded, making it unclear what caused the failure: docker build -t notary_client . && docker run -it --rm -e NOTARY_BUILDTAGS=pkcs11 notary_client sh -c 'make lint' ... [gosec] 2019/10/16 11:11:04 Checking file: /go/src/github.com/theupdateframework/notary/utils/http.go make: *** [Makefile:106: lint] Error 1 This problem occurred, because there was an actual linting error, and the code to check for failures did so by checking the output of the csv file to be empty; test -z "$$(cat gas_output.csv | tee /dev/stderr)" In this case, it was not, and the file contained: /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof""" In which case, the code tried to evaluated the output; "$(echo /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof""")" bash: /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,_ net/http/pprof: No such file or directory This patch changes the approach, and: - makes sure no csv file is in place before the test - using the exit-code of the linter as indication it failed (instead of checking for the file to be empty) - in which case, the output of the file is printed on stderr, and the script exited with a non-zero status - renames the csv-file from gas_output.csv to gosec_output.csv, to match the new name of the linter With this patch applied: docker build -t notary_client . && docker run -it --rm -e NOTARY_BUILDTAGS=pkcs11 notary_client sh -c 'make lint' ... [gosec] 2019/10/16 11:13:20 Checking file: /go/src/github.com/theupdateframework/notary/signer/api/rpc_api.go /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof""" make: *** [Makefile:107: lint] Error 1 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

HuKeping

commit sha b6b9f01becbdaa7baf1dd723289e540fb8bc0d4a

Merge pull request #1505 from thaJeztah/fix_gosec_output Fix gosec linter results not being printed

view details

push time in a month

PR merged theupdateframework/notary

Fix gosec linter results not being printed

Before this, make lint would fail, but the output of the linter would be discarded, making it unclear what caused the failure:

docker build -t notary_client . && docker run -it --rm -e NOTARY_BUILDTAGS=pkcs11 notary_client sh -c 'make lint'
...
[gosec] 2019/10/16 11:11:04 Checking file: /go/src/github.com/theupdateframework/notary/utils/http.go
make: *** [Makefile:106: lint] Error 1

This problem occurred, because there was an actual linting error, and the code to check for failures did so by checking the output of the csv file to be empty;

test -z "$$(cat gas_output.csv | tee /dev/stderr)"

In this case, it was not, and the file contained:

/go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof"""

In which case, the code tried to evaluated the output;

"$(echo /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof""")"
bash: /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,_ net/http/pprof: No such file or directory

This patch changes the approach, and:

  • makes sure no csv file is in place before the test
  • using the exit-code of the linter as indication it failed (instead of checking for the file to be empty)
  • in which case, the output of the file is printed on stderr, and the script exited with a non-zero status
  • renames the csv-file from gas_output.csv to gosec_output.csv, to match the new name of the linter

With this patch applied:

docker build -t notary_client . && docker run -it --rm -e NOTARY_BUILDTAGS=pkcs11 notary_client sh -c 'make lint'
...
[gosec] 2019/10/16 11:13:20 Checking file: /go/src/github.com/theupdateframework/notary/signer/api/rpc_api.go
/go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof"""
make: *** [Makefile:107: lint] Error 1
+3 -2

3 comments

2 changed files

thaJeztah

pr closed time in a month

pull request commenttheupdateframework/notary

Fix gosec linter results not being printed

This PR has nothing to do with the codecov check.

LGTM!

thaJeztah

comment created time in a month

pull request commenttheupdateframework/notary

Bump golang 1.12.10 (CVE-2019-9512, CVE-2019-9514, CVE-2019-16276)

Thanks @thaJeztah , let's get to #1505 and #1506 first.

thaJeztah

comment created time in a month

push eventthaJeztah/notary

Sebastiaan van Stijn

commit sha db73f4002596d4ff7997f236b471d862c2120e91

gosec: ignore G108: Profiling endpoint automatically exposed This was a false positive, as no server is started unless -debug is enabled. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

HuKeping

commit sha bd18eb9ad583965843adf6c2133ba7aa24699c97

Merge pull request #1506 from thaJeztah/fix_gosec_g108 gosec: ignore G108: Profiling endpoint automatically exposed

view details

Sebastiaan van Stijn

commit sha 5d939572d7fa28f6a95c5d4f2bdd0c6a92181976

Fix "make test" broken on Go 1.13 This fixes the tests being broken on Go 1.13 and up, which is caused by a change in Go 1.13: https://golang.org/doc/go1.13#testing > Testing flags are now registered in the new Init function, which is invoked by > the generated main function for the test. As a result, testing flags are now only > registered when running a test binary, and packages that call flag.Parse during > package initialization may cause tests to fail. Before this change: make test ok github.com/theupdateframework/notary/client/changelist (cached) flag provided but not defined: -test.testlogfile Usage of /var/folders/c_/vjh56sc12fd2b_q2n02_lt140000gn/T/go-build270388911/b229/escrow.test: -config string path to configuration file; supported formats are JSON, YAML, and TOML (default "config.toml") ... FAIL make: *** [test] Error 1 With this patch applied, the test complete succesfully Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

HuKeping

commit sha 49188000ccb4973951f607f437d936b50275f5fb

Merge pull request #1507 from thaJeztah/fix_testing_go_1.13 Fix "make test" broken on Go 1.13

view details

Sebastiaan van Stijn

commit sha 5f9bd7689d050d9342586fa3418205007587561a

Fix gosec linter results not being printed Before this, `make lint` would fail, but the output of the linter would be discarded, making it unclear what caused the failure: docker build -t notary_client . && docker run -it --rm -e NOTARY_BUILDTAGS=pkcs11 notary_client sh -c 'make lint' ... [gosec] 2019/10/16 11:11:04 Checking file: /go/src/github.com/theupdateframework/notary/utils/http.go make: *** [Makefile:106: lint] Error 1 This problem occurred, because there was an actual linting error, and the code to check for failures did so by checking the output of the csv file to be empty; test -z "$$(cat gas_output.csv | tee /dev/stderr)" In this case, it was not, and the file contained: /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof""" In which case, the code tried to evaluated the output; "$(echo /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof""")" bash: /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,_ net/http/pprof: No such file or directory This patch changes the approach, and: - makes sure no csv file is in place before the test - using the exit-code of the linter as indication it failed (instead of checking for the file to be empty) - in which case, the output of the file is printed on stderr, and the script exited with a non-zero status - renames the csv-file from gas_output.csv to gosec_output.csv, to match the new name of the linter With this patch applied: docker build -t notary_client . && docker run -it --rm -e NOTARY_BUILDTAGS=pkcs11 notary_client sh -c 'make lint' ... [gosec] 2019/10/16 11:13:20 Checking file: /go/src/github.com/theupdateframework/notary/signer/api/rpc_api.go /go/src/github.com/theupdateframework/notary/cmd/notary-server/main.go,8,Profiling endpoint is automatically exposed on /debug/pprof,HIGH,HIGH,"_ ""net/http/pprof""" make: *** [Makefile:107: lint] Error 1 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

push time in a month

pull request commenttheupdateframework/notary

Fix gosec linter results not being printed

Amazing! I love this change.

thaJeztah

comment created time in a month

PR merged theupdateframework/notary

Fix "make test" broken on Go 1.13

This fixes the tests being broken on Go 1.13 and up, which is caused by a change in Go 1.13: https://golang.org/doc/go1.13#testing

Testing flags are now registered in the new Init function, which is invoked by the generated main function for the test. As a result, testing flags are now only registered when running a test binary, and packages that call flag.Parse during package initialization may cause tests to fail.

Before this change:

make test

ok  	github.com/theupdateframework/notary/client/changelist	(cached)
flag provided but not defined: -test.testlogfile
Usage of /var/folders/c_/vjh56sc12fd2b_q2n02_lt140000gn/T/go-build270388911/b229/escrow.test:
  -config string
    	path to configuration file; supported formats are JSON, YAML, and TOML (default "config.toml")
...
FAIL
make: *** [test] Error 1

With this patch applied, the test complete succesfully

+1 -1

1 comment

1 changed file

thaJeztah

pr closed time in a month

push eventtheupdateframework/notary

Sebastiaan van Stijn

commit sha 5d939572d7fa28f6a95c5d4f2bdd0c6a92181976

Fix "make test" broken on Go 1.13 This fixes the tests being broken on Go 1.13 and up, which is caused by a change in Go 1.13: https://golang.org/doc/go1.13#testing > Testing flags are now registered in the new Init function, which is invoked by > the generated main function for the test. As a result, testing flags are now only > registered when running a test binary, and packages that call flag.Parse during > package initialization may cause tests to fail. Before this change: make test ok github.com/theupdateframework/notary/client/changelist (cached) flag provided but not defined: -test.testlogfile Usage of /var/folders/c_/vjh56sc12fd2b_q2n02_lt140000gn/T/go-build270388911/b229/escrow.test: -config string path to configuration file; supported formats are JSON, YAML, and TOML (default "config.toml") ... FAIL make: *** [test] Error 1 With this patch applied, the test complete succesfully Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

HuKeping

commit sha 49188000ccb4973951f607f437d936b50275f5fb

Merge pull request #1507 from thaJeztah/fix_testing_go_1.13 Fix "make test" broken on Go 1.13

view details

push time in a month

push eventthaJeztah/notary

yuxiaobo

commit sha effff7596032b6b4f7cbb4269a32a908c6a3e443

Correct spelling mistakes. Signed-off-by: yuxiaobo <yuxiaobogo@163.com>

view details

HuKeping

commit sha 62258bc0beb3bdc41de1e927a57acaee06bebe4b

Merge pull request #1498 from yuxiaobo96/notary-fix2 Correct spelling mistakes

view details

Sebastiaan van Stijn

commit sha db73f4002596d4ff7997f236b471d862c2120e91

gosec: ignore G108: Profiling endpoint automatically exposed This was a false positive, as no server is started unless -debug is enabled. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

HuKeping

commit sha bd18eb9ad583965843adf6c2133ba7aa24699c97

Merge pull request #1506 from thaJeztah/fix_gosec_g108 gosec: ignore G108: Profiling endpoint automatically exposed

view details

Sebastiaan van Stijn

commit sha 5d939572d7fa28f6a95c5d4f2bdd0c6a92181976

Fix "make test" broken on Go 1.13 This fixes the tests being broken on Go 1.13 and up, which is caused by a change in Go 1.13: https://golang.org/doc/go1.13#testing > Testing flags are now registered in the new Init function, which is invoked by > the generated main function for the test. As a result, testing flags are now only > registered when running a test binary, and packages that call flag.Parse during > package initialization may cause tests to fail. Before this change: make test ok github.com/theupdateframework/notary/client/changelist (cached) flag provided but not defined: -test.testlogfile Usage of /var/folders/c_/vjh56sc12fd2b_q2n02_lt140000gn/T/go-build270388911/b229/escrow.test: -config string path to configuration file; supported formats are JSON, YAML, and TOML (default "config.toml") ... FAIL make: *** [test] Error 1 With this patch applied, the test complete succesfully Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

push time in a month

pull request commenttheupdateframework/notary

Fix "make test" broken on Go 1.13

oops, rebase needed.

thaJeztah

comment created time in a month

push eventtheupdateframework/notary

Sebastiaan van Stijn

commit sha db73f4002596d4ff7997f236b471d862c2120e91

gosec: ignore G108: Profiling endpoint automatically exposed This was a false positive, as no server is started unless -debug is enabled. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

HuKeping

commit sha bd18eb9ad583965843adf6c2133ba7aa24699c97

Merge pull request #1506 from thaJeztah/fix_gosec_g108 gosec: ignore G108: Profiling endpoint automatically exposed

view details

push time in a month

PR merged theupdateframework/notary

gosec: ignore G108: Profiling endpoint automatically exposed

This was a false positive, as no server is started unless -debug is enabled.

Also see https://github.com/theupdateframework/notary/pull/1505, which fixes CI to print the actual failure

+1 -1

2 comments

1 changed file

thaJeztah

pr closed time in a month

push eventthaJeztah/notary

yuxiaobo

commit sha effff7596032b6b4f7cbb4269a32a908c6a3e443

Correct spelling mistakes. Signed-off-by: yuxiaobo <yuxiaobogo@163.com>

view details

HuKeping

commit sha 62258bc0beb3bdc41de1e927a57acaee06bebe4b

Merge pull request #1498 from yuxiaobo96/notary-fix2 Correct spelling mistakes

view details

Sebastiaan van Stijn

commit sha 21e471f4c00ecd94b83135cd8704c1470e6b5b65

Bump golang 1.12.8 (CVE-2019-9512, CVE-2019-9514) go1.12.8 (released 2019/08/13) includes security fixes to the net/http and net/url packages. See the Go 1.12.8 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.12.8 - net/http: Denial of Service vulnerabilities in the HTTP/2 implementation net/http and golang.org/x/net/http2 servers that accept direct connections from untrusted clients could be remotely made to allocate an unlimited amount of memory, until the program crashes. Servers will now close connections if the send queue accumulates too many control messages. The issues are CVE-2019-9512 and CVE-2019-9514, and Go issue golang.org/issue/33606. Thanks to Jonathan Looney from Netflix for discovering and reporting these issues. This is also fixed in version v0.0.0-20190813141303-74dc4d7220e7 of golang.org/x/net/http2. net/url: parsing validation issue - url.Parse would accept URLs with malformed hosts, such that the Host field could have arbitrary suffixes that would appear in neither Hostname() nor Port(), allowing authorization bypasses in certain applications. Note that URLs with invalid, not numeric ports will now return an error from url.Parse. The issue is CVE-2019-14809 and Go issue golang.org/issue/29098. Thanks to Julian Hector and Nikolai Krein from Cure53, and Adi Cohen (adico.me) for discovering and reporting this issue. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 4307a529c39b2a6c5af0d665766100dccbe6661a

Use golang-migrate/migrate, because mattes/migrate was archived Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 211715bdf7803ea3f0cc2af9375404682e8e3757

Pin golang-migrate to v4.6.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

push time in a month

push eventyuxiaobo96/notary

yuxiaobo

commit sha effff7596032b6b4f7cbb4269a32a908c6a3e443

Correct spelling mistakes. Signed-off-by: yuxiaobo <yuxiaobogo@163.com>

view details

HuKeping

commit sha 62258bc0beb3bdc41de1e927a57acaee06bebe4b

Merge pull request #1498 from yuxiaobo96/notary-fix2 Correct spelling mistakes

view details

yuxiaobo

commit sha 16983022195c116b511a8e2099c6518e440cc05e

Grammatical correction Signed-off-by: yuxiaobo <yuxiaobogo@163.com>

view details

push time in a month

push eventthaJeztah/notary

yuxiaobo

commit sha effff7596032b6b4f7cbb4269a32a908c6a3e443

Correct spelling mistakes. Signed-off-by: yuxiaobo <yuxiaobogo@163.com>

view details

HuKeping

commit sha 62258bc0beb3bdc41de1e927a57acaee06bebe4b

Merge pull request #1498 from yuxiaobo96/notary-fix2 Correct spelling mistakes

view details

Sebastiaan van Stijn

commit sha 97ce29333252f7fd878178540cb12b5fb77d1463

CircleCI: update image, and use BuildKit Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

push time in a month

pull request commenttheupdateframework/notary

CircleCI: update image, and use BuildKit

As per https://discuss.circleci.com/t/default-machine-executor-image-update/29308, I'd like to merge this PR, otherwise we should change the image to circleci/classic:201710-01 which is tooooooooooooooooooooo old.

I don't like the image name without the prefix circleci , but it seems we have no better choice.

thoughts @justincormack ?

thaJeztah

comment created time in a month

push eventtheupdateframework/notary

yuxiaobo

commit sha effff7596032b6b4f7cbb4269a32a908c6a3e443

Correct spelling mistakes. Signed-off-by: yuxiaobo <yuxiaobogo@163.com>

view details

HuKeping

commit sha 62258bc0beb3bdc41de1e927a57acaee06bebe4b

Merge pull request #1498 from yuxiaobo96/notary-fix2 Correct spelling mistakes

view details

push time in a month

PR merged theupdateframework/notary

Correct spelling mistakes

Signed-off-by: yuxiaobo yuxiaobogo@163.com

Correct spelling mistakes.

+1 -1

2 comments

1 changed file

yuxiaobo96

pr closed time in a month

fork HuKeping/ninja

a small build system with a focus on speed

https://ninja-build.org/

fork in 2 months

startedninja-build/ninja

started time in 2 months

CommitCommentEvent

pull request commenttheupdateframework/notary

CircleCI: update image, and use BuildKit

strange image name, why they give up using circleci at all?

thaJeztah

comment created time in 3 months

issue openedtheupdateframework/notary

For tracking the proposal to archive Notary project raised by CNCF

https://github.com/cncf/toc/issues/272

created time in 3 months

push eventtheupdateframework/notary

Sebastiaan van Stijn

commit sha 6c41fad7e065cdb1dc5a1f11a69c8d5c3869720f

re-vendor with current version of vndr Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 388845e6aeb7049e744fce553305056d6b003a33

Cleanup vendor.conf, fix mixed tabs/spaces Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 46586c76c7d7ed9519914bca5864f155d6a237cd

bump sirupsen/logrus v1.4.1 Full diff: sirupsen/logrus@v1.3.0...v1.4.1 Fixes: - Remove dependency on golang.org/x/crypto - Fix wrong method calls Logger.Print and Logger.Warningln - Update Entry.Logf to not do string formatting unless the log level is enabled - Fix infinite recursion on unknown Level.String() - Fix race condition in getCaller - Fix Entry.WithContext method to return a copy of the initial entry New: - Add DeferExitHandler, similar to RegisterExitHandler but prepending the handler to the list of handlers (semantically like defer) - Add CallerPrettyfier to JSONFormatter and `TextFormatter` - Add Entry.WithContext() and Entry.Context, to set a context on entries to be used e.g. in hooks - Enhance TextFormatter to not print caller information when they are empty Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 82e8ab53893ecf9b1a0f804f6e61aba7e66c454f

Bump gorilla/mux to 1.7.0 This release drops support for Go < 1.7, and removes the gorilla/context dependency (which was needed for older Go versions). Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 69eddfb69f60a0dcc3719f9126773f55db4520d9

bump github.com/pkg/errors v0.8.1 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 73b87bbecfc99fff952e00e12fb86fff20f36319

bump github.com/BurntSushi/toml v0.3.1 switch the licenses of cmd/ to be the same as the root full diff: https://github.com/BurntSushi/toml/compare/a368813c5e648fee92e5f6c30e3944ff9d5e8895...3012a1dbe2e4bd1391d42b32f0577cb7bbc7f005 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 3c01e955791b6017bcf08f42b01e772bb59d3ba8

bump github.com/miekg/pkcs11 553cfdd26aaafe851ca66a5e8015f0decb6b5a1e - Fix issue freeing memory on GetOperationState when NOT CK_OK - Expose login API for vendor specific login types - Move to go modules full diff: https://github.com/miekg/pkcs11/compare/6120d95c0e9576ccf4a78ba40855809dca31a9ed...553cfdd26aaafe851ca66a5e8015f0decb6b5a1e Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

HuKeping

commit sha 121a0c1df00dc6733da656905325e37400124933

Merge pull request #1445 from thaJeztah/update_dependencies Update dependencies

view details

push time in 3 months

PR merged theupdateframework/notary

Update dependencies

See individual commits for descriptions

+4476 -1065

6 comments

57 changed files

thaJeztah

pr closed time in 3 months

push eventtheupdateframework/notary

ethan

commit sha f7ad44b6998b5891c0581f8c03ff687bb8b64780

cleanup: help message words correction in keys.go Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>

view details

HuKeping

commit sha d30e429b63872bf2b965a0dd933ef0c9902a8ad2

Merge pull request #1483 from ethan-daocloud/patch-1 cleanup: help message words correction in keys.go

view details

push time in 3 months

pull request commenttheupdateframework/notary

Update maintainers email addresses

So they all changed their company , should I follow it lol. 😅

justincormack

comment created time in 3 months

more